Skip to main content
CVE-2018-7977 HIGH This Week

There is an information leakage vulnerability on several Huawei products. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Fusionsphere Openstack
NVD
CVSS 3.0
7.5
EPSS
1.0%
CVE-2018-10142 HIGH This Week

The Expedition Migration tool 1.0.106 and earlier may allow an unauthenticated attacker to enumerate files on the operating system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Expedition
NVD
CVSS 3.0
7.5
EPSS
2.2%
CVE-2018-16090 HIGH This Week

In System Management Module (SMM) versions prior to 1.06, the SMM certificate creation and parsing logic is vulnerable to post-authentication command injection. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Command Injection System Management Module Firmware
NVD
CVSS 3.0
7.5
EPSS
0.9%
CVE-2018-16089 HIGH This Week

In System Management Module (SMM) versions prior to 1.06, a field in the header of SMM firmware update images is insufficiently sanitized, allowing post-authentication command injection on the SMM as. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Command Injection System Management Module Firmware
NVD
CVSS 3.0
7.5
EPSS
1.7%
CVE-2018-7960 HIGH This Week

There is a SRTP icon display vulnerability in Huawei eSpace product. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Huawei Information Disclosure Espace 7950 Firmware
NVD
CVSS 3.0
7.4
EPSS
0.8%
CVE-2018-7958 HIGH This Week

There is an anonymous TLS cipher suites supported vulnerability in Huawei eSpace product. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Huawei Espace 7950 Firmware
NVD
CVSS 3.0
7.4
EPSS
1.1%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy